CVE-2025-61921 Sinatra has ReDoS vulnerability in ETag header value generation
Sinatra is a domain-specific language for creating web applications in Ruby. In versions prior to 4.2.0, there is a denial of service vulnerability in the If-Match and If-None-Match header parsing component of Sinatra, if the etag method is used when constructing the response. Carefully crafted...
CVE-2024-21510 vulnerabilities
Vulnerabilities for packages: ruby3.3-sinatra, ruby3.2-sinatra, logstash, gitlab-cng...